Search Images Maps Play YouTube News Gmail Drive More »
Sign in
Screen reader users: click this link for accessible mode. Accessible mode has the same essential features but works better with your reader.

Patents

  1. Advanced Patent Search
Publication numberUSRE42214 E1
Publication typeGrant
Application numberUS 11/956,246
Publication dateMar 8, 2011
Filing dateDec 13, 2007
Priority dateNov 30, 1999
Fee statusPaid
Also published asCA2326207A1, CN1298147A, EP1115061A2, US6976258
Publication number11956246, 956246, US RE42214 E1, US RE42214E1, US-E1-RE42214, USRE42214 E1, USRE42214E1
InventorsPawan Goyal, Xun Wilson Huang, Srinivasan Keshav, Rosen Sharma
Original AssigneePawan Goyal, Xun Wilson Huang, Srinivasan Keshav, Rosen Sharma
Export CitationBiBTeX, EndNote, RefMan
External Links: USPTO, USPTO Assignment, Espacenet
Providing quality of service guarantees to virtual hosts
US RE42214 E1
Abstract
A method facilitates providing appropriate quality of service guarantees to a plurality of virtual hosts on a single physical host computer. A server application program and its child processes service communication requests made to the plurality of virtual hosts. Quality of service parameters associated with the virtual hosts are stored. Communication requests made to a specific one of the virtual hosts are detected. The quality of service parameters associated with the specific virtual host are obtained. Operating system resources are utilized to guarantee, to a child process of the server application program, a quality of service according to the obtained quality of service parameters associated with the virtual host. Communication between the virtual host and the client is allowed to proceed, the communication being managed by the child process.
Images(8)
Previous page
Next page
Claims(25)
1. A computer-implemented method for providing a quality of service guarantee to a child process of an application program, wherein the application program and its child process service requests made to a plurality of network addresses, a network address indicating a virtual host, a virtual host comprising a virtualized server application program the method comprising:
storing a quality of service parameter associated with a network address;
intercepting a system call, made by the child process, that establishes a communication channel between a client and the network address, wherein intercepting the system call comprises:
saving a copy of a first pointer, which Points to object code of the system call; and
replacing the first pointer with a second pointer, which points to different object code, such that making the system call causes the different object code to execute; and
enabling communication between the network address and the client, the communication being managed by the child process;
wherein execution of the different object code comprises:
using the saved copy of the first pointer to transfer execution to the intercepted system call, thereby establishing a communication channel;
determining that the established communication channel is to one of the plurality of network addresses serviced by the application program and its child process;
obtaining a quality of service parameter associated with the network address; and
utilizing an operating system resource to request a guarantee, to the child process, of a quality of service according to the obtained quality of service parameter.
2. A computer-implemented method for providing a quality of service guarantee to a child process of an application program, wherein the application program and its child process service requests made to a plurality of network addresses, a network address indicating a virtual host, a virtual host comprising a virtualized server application program, the method comprising:
storing a quality of service parameter associated with a network address;
intercepting a system call which establishes a communication channel between a client and the network address;
allowing establishment of the communication channel;
storing an indicator of an association between an application program that made the intercepted system call, the established communication channel, and the network address;
intercepting a system call which creates a child process;
allowing creation of the child process;
storing an indicator of an association between an application program that made the intercepted system call and the created child process;
intercepting a system call which creates a copy of a file descriptor;
allowing creation of the copy of the file descriptor;
storing an indicator of an association between the file descriptor and the created copy of the file descriptor;
intercepting a system call which transports data through a communication channel;
determining, by examining the stored association indicators, that an application that made the intercepted system call is a child process of a parent application that established a communication channel to one the network address;
determining, by examining the stored association indicators, that the communication channel through which the intercepted system call transports data is the communication channel established by the parent application to the network address;
obtaining the quality of service parameter associated with the network address;
utilizing an operating system resource to request a guarantee, to the child process that called the intercepted system call, of a quality of service according to the obtained quality of service parameter associated with the network address; and
allowing data to be transported through the communication channel.
3. The method of claim 2 wherein storing the quality of service parameter associated with the network address comprises modifying an operating system to include a quality of service parameter table comprising the quality of service parameter associated with the network address.
4. The method of claim 3 wherein modifying the operating system comprises linking a module to an operating system kernel, the module comprising the quality of service parameter table.
5. The method of claim 2 further comprising:
saving a copy of a first pointer, which points to object code of the system call to intercept; and
wherein intercepting the system call comprises replacing the first pointer with a second pointer, which points to different object code, such that making the system call causes the different object code to execute.
6. The method of claim 5, wherein the intercepted system call comprises a system call which establishes a communication channel between a client and a network address, and wherein execution of the different object code comprises:
allowing establishment of the communication channel by using the saved copy of the first pointer to transfer execution to the intercepted system call; and
storing an association between the application program and the established communication channel by storing, in an association table, an entry indicating an association between a process identification number of the application program that made the system call, a file descriptor describing the established communication channel, and the network address to which the channel was established.
7. The method of claim 5, wherein the intercepted system call comprises a system call which creates a child process, and wherein execution of the different object code comprises:
allowing creation of the child process by using the saved copy of the first pointer to transfer execution to the intercepted system call; and
storing an association between the application program that called the system call and the created child process by storing, in an association table, an entry indicating an association between a process identification number of the application program that made the system call and a process identification number of the created child process.
8. The method of claim 5 further comprising inserting the different object code into the operating system.
9. The method of claim 7 wherein inserting the different object code into the operating system comprises linking a module to an operating system kernel, the module comprising the different object code.
10. A computer-readable medium storing a computer program product for providing a quality of service guarantee to a child process of an application program, wherein the application program and its child process service requests made to a plurality of network addresses, a network address indicating a virtual host, a virtual host comprising a virtualized server application program, the computer program product comprising:
program code for storing a quality of service parameter associated with a network address;
program code for intercepting a system call, made by the child process, that establishes a communication channel between a client and the network address, wherein the program code for intercepting the system call comprises:
program code for saving a copy of a first pointer, which points to object code of the system call; and
program code for replacing the first pointer with a second pointer, which points to different object code, such that making the system call causes the different object code to execute; and
program code for enabling communication between the network address and the client, the communication being managed by the child process;
wherein the different object code comprises:
program code for using the saved copy of the first pointer to transfer execution to the intercepted system call, thereby establishing a communication channel;
program code for determining that the established communication channel is to one of the plurality of network addresses serviced by the application program and its child process:
program code for obtaining a quality of service parameter associated with the network address; and
program code for utilizing an operating system resource to request a guarantee, to the child process, of a quality of service according to the obtained quality of service parameter.
11. A computer-readable medium storing a computer program product for providing a quality of service guarantee to a child process of an application program, wherein the application program and its child process service requests made to a plurality of network addresses, a network address indicating a virtual host, a virtual host comprising a virtualized server application program, the computer program product comprising:
program code for storing a quality of service parameter associated with a network address;
program code for intercepting a system call which establishes a communication channel between a client and the network address;
program code for allowing establishment of the communication channel;
program code for storing an indicator of an association between the application program that made the intercepted system call, the established communication channel, and the network address;
program code for intercepting a system call which creates a child process;
program code for allowing creation of the child process;
program code for storing an indicator of an association between an application program that made the intercepted system call and the created child process;
program code for intercepting a system call which creates a copy of a file descriptor;
program code for allowing creation of the copy of the file descriptor;
program code for storing an indicator of an association between the file descriptor and the created copy of the file descriptor;
program code for intercepting a system call which transports data through a communication channel;
program code for determining, by examining the stored association indicators, that an application that called the intercepted system call is a child process of a parent application that established a communication channel to the network address;
program code for determining, by examining the stored association indicators that the communication channel through which the intercepted system call transports data is the communication channel established by the parent application to the network address;
program code for obtaining the quality of service parameter associated with the network address;
utilizing an operating system resource to request a guarantee to the child process that called the intercepted system call, of a quality of service according to the obtained quality of service parameter associated with the network address; and
program code for allowing data to be transported through the communication channel.
12. The computer-readable medium of claim 11 wherein the program code for storing the quality of service parameter associated with the network address comprises program code for modifying an operating system to include a quality of service parameter table comprising the quality of service parameter associated with the network address.
13. The computer-readable medium of claim 12 wherein the program code for modifying the operating system comprises program code for linking a module to an operating system kernel, the module comprising the quality of service parameter table.
14. The computer-readable medium of claim 11 wherein the computer program product further comprises
program code for saving a copy of a first pointer, which points to object code of the system call to intercept; and
wherein the program code for intercepting the system call comprises program code for replacing the first pointer with a second pointer which points to different object code, such that making the system call causes the different object code to execute.
15. The computer-readable medium of claim 14 wherein the intercepted system call comprises a system call which establishes a communication channel between a client and a network address, and wherein the different object code comprises:
program code for allowing establishment of the communication channel by using the saved copy of the first pointer to transfer execution to the intercepted system call; and
program code for storing an association between the application program and the established communication channel by storing in an association table an entry indicating an association between a process identification number of the application program that made the system call, a file descriptor describing the established communication channel, and the network address to which the channel was established.
16. The computer-readable medium of claim 14, wherein the intercepted system call comprises a system call which creates a child process, and wherein the different object code comprises:
program code for allowing creation of the child process by using the saved copy of the first pointer to transfer execution to the intercepted system call; and
program code for storing an association between the application program that called the system call and the created child process by storing, in an association table, an entry indicating an association between a process identification number of the application program that made the system call and a process identification number of the created child process.
17. The computer-readable medium of claim 14 wherein the computer program product further comprises program code for inserting the different object code into the operating system.
18. The computer-readable medium of claim 17 wherein the program code for inserting the different object code into the operating system comprises program code for linking a module to an operating system kernel, the module comprising the different object code.
19. A system for providing a quality of service guarantee to a child process of an application program, wherein the application program and its child process service requests made to multiple network addresses, a network address indicating a virtual host, the virtual host comprising a virtualized server application program, the system comprising:
a processor;
a storing component that stores a quality of service parameter associated with a network address;
a component that intercepts a system call, made by the child process, that establishes a communication channel between a client and the network address, wherein intercepting the system call comprises:
a communication component that saves a copy of a first pointer that points to object code of the system call, replaces the first pointer with a second pointer that points to different object code such that making the system call causes the different object code to execute and enables communication between the network address and the client, the communication being managed by the child process;
wherein when the different object code executes, it uses the saved copy of the first pointer to transfer execution to the intercepted system call, thereby establishing a communication channel, determines that the established communication channel is to one of the multiple network addresses serviced by the application program and its child process, obtains a quality of service parameter associated with the network address, and utilizes an operating system resource to request a guarantee of a quality of service according to the obtained quality of service parameter.
20. The system of claim 19 wherein the storing component modifies an operating system to include the quality of service parameter table comprising the quality of service parameter associated with the network address when it stores the quality of service parameter associated with the network address.
21. The system of claim 19 wherein the different object code establishes the communication channel by using the saved copy of the first pointer to transfer execution to the object code of the system call and stores an association between the application program and the established communication channel by storing, in an association table, an entry indicating an association between a process identification number of the application program that made the system call, a file descriptor describing the established communication channel, and the network address to which the channel was established.
22. The system of claim 19 wherein the system call creates a child process and wherein when the different object code executes, it enables creation of the child process by using the saved copy of the first pointer to transfer execution to the object code of the system call and stores an association between the application program that called the system call and the created child process by storing, in an association table, an entry indicating an association between a process identification number of the application program that made the system call and a process identification number of the created child process.
23. The system of claim 19 further wherein the different object code is added to an operating system in which the communication component operates.
24. The system of claim 19 further wherein the different object code is a module that is linked to a kernel of an operating system in which the communication component operates.
25. The system of claim 19 wherein the different object code is a module that is linked to a kernel of an operating system in which the communication component operates and the module includes the quality of service parameter table.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS

This patent application is a reissue application for commonly assigned U.S. Pat. No. 6,976,258, issued from U.S. patent application Ser. No. 09/452,286, filed on Nov. 30, 1999, which is incorporated by reference herein in its entirety.

BACKGROUND

1. Field of Invention

The present invention relates generally to guaranteeing appropriate quality of service to virtual processes executing on multitasking operating systems, and specifically in one embodiment to guaranteeing quality of service to virtual hosts servicing client requests to multiple network addresses on a single physical host computer.

2. Background of Invention

With the popularity and success of the Internet, server technologies are of great commercial importance today. Typically, a server program executing on a single physical host computer services client requests made to a single network address allocated to the host. However, using Transmission Control Protocol (TCP) and other transport protocols, a server application executing on a single physical host can be programmed to process requests made to multiple network addresses. Such functionality is known as virtual hosting.

To enable virtual hosting, more than one network address is assigned to a single physical host computer. A server program executing on the host opens a communication transport channel (socket) and allows receipt of incoming communications targeted for any of the multiple network addresses assigned to the host. Accepting a communication request by a server executing TCP is a three step process that comprises waiting for the communication request from a client, sending an acknowledgment signal to the client, and receiving a return acknowledgment signal from the client. This three step process is called “three way handshaking” and is a feature of TCP communication. While accepting a communication request, a server is unable to execute other tasks. Thus, a server cannot wait for one incoming communication request and simultaneously service a separate communication request. However, multiple communication requests made to a plurality of network addresses associated with a single physical host require simultaneous service. For this reason, a virtual host server typically accepts the communications requests itself and creates child processes to service the requests.

Two known methods exist for utilizing child processes to service communication requests. The most common involves accepting the communication request by the server, and then generating (forking) a child process to service it. While the child process services the request made by the client and transmits it to the client, the server is free to accept the next communication request, perhaps from another client. As soon as the server accepts a request, the server generates a new child process, which services the request and then terminates. This method of virtual hosting, know as “fork after accept,” is widely used today.

Another method of virtual hosting comprises generating, by the server, a plurality of child processes. The number of child processes created reflects a desired maximum number of communication requests to service simultaneously. Each child process proceeds to accept a communication request. Thus, each child waits for an incoming communication computer, services it, and proceeds to wait for a next request. While a child process is servicing a request it cannot be waiting for another request, but this is allowable because other child processes are waiting for incoming requests. Where all the child processes are busy servicing requests, the maximum desired number of requests is being serviced, and no more can be accepted until one of the child processes finishes servicing a request and begins waiting for a new one. This method, called “fork before accept,” is known and used today, although less commonly than “fork after accept.”

Both virtual host systems that utilize the fork before accept method and those that utilize the fork after accept method can be name-based as well as address-based. As described above, in an address-based virtual host system, each virtual host is identified by a separate network address assigned to a single, physical host. In contrast, in a name-based virtual host system, each virtual host is identified not by a network address, but instead by a domain name. Multiple domain names can be assigned to a single address. Thus, multiple virtual hosts, each identified by a unique domain name, can all be assigned to a single network address. The single network address to which the multiple domain names are assigned is assigned to the single, physical host. Communication requests to a name-based virtual host are made to a domain name, not to a network address. As with address-based virtual host systems, all virtual hosts map to a single physical host.

A virtual host system simulates multiple hosts by servicing client requests made to any of the multiple network addresses or domain names. This is desirable, because providing a unique physical host for each network address or domain name is expensive and inefficient. Hosting services are often provided commercially by an Internet Service Provider (ISP). Without virtual hosting, an ISP would have to provide a separate physical host computer with a unique network address for every customer that purchases host services. Often, a customer purchasing host services from an ISP will neither require nor be amenable to paying for use on an entire host computer. Generally, only a fraction of the processing power, storage, and other resources of a host computer will be required to meet the needs of an individual customer.

Virtual hosting allows an ISP to utilize one physical host computer to provide commercial host services to multiple customers, thereby creating a virtual host server. Each and is provided with resources on the single, physical host computer, effectively sharing the host with other customers. A client computer requests data from a specific customer's host by targeting communication requests to the appropriate network address (or domain name). By utilizing the fork before accept method or the fork after accept method, the virtual host server can service requests to multiple network addresses or domain names. Thus, the functionality of numerous hosts is provided by a single physical host computer, servicing requests made to a plurality of network addresses and domain names by multiple customers.

One shortcoming with virtual hosting as it exists today is the inability to allocate appropriate amounts of computer resources of the physical host to servicing client requests made to specific virtual hosts, and hence to specific customers. Where an ISP provides host services to multiple customers on a single physical computer, it is desirable to allot to each virtual host a specific amount of computer resources appropriate to the needs of the customer, and preferably based upon the amount paid for the services. For example, suppose two customers purchase host services from an ISP. The first customer is a large corporation providing financial services to thousands of clients internationally. The financial services host requires a great deal of storage space, as well as prompt response time to all client requests. Of course, the first customer is willing to compensate the ISP appropriately for providing such a level of host services. The second customer is a sole proprietorship that sells floral arrangements locally. The second customer has a very limited budget, but only requires minimal computer resources. Clearly, it is desirable for the ISP to allocate different percentages of the system resources to the two separate virtual hosts provided by the ISP for the two separate customers. However, this is not possible with conventional virtual hosting techniques.

Multitasking operating systems such as UNIX facilitate specification of resource allocation to multiple concurrent processes. The operating system can be instructed as to how to allocate resources to different processes. System resources can be allocated to processes as a percentage of resources available (for example, the operating system may be instructed to allocate twenty percent of the central processing unit cycles to process A and two percent to process B), or as specific numbers of units (for example, the operating system may be instructed to allocate X cycles per second to process A and Y cycles per second to process B). Such specification of resource allocation is called a guarantee of quality of service.

A server, which is a process, executing on a dedicated physical host services client requests for a single network address (physical host) only. Thus, quality of service can simply be set for the server to the quality of service appropriate for the host. A virtual host server services numerous client requests for multiple virtual hosts. A single virtual host server provides host services for a plurality of customers all of whom may require different quality of service. Although it would be possible to set a single quality of service for the virtual host server, no single quality of service is appropriate for all of the virtual hosts. Because the appropriate quality of service for different virtual hosts is different, providing a single quality of service for all virtual hosts is undesirable. As detailed above, ISP's utilize single service application programs to provide virtual hosting services to multiple customers with varying business needs and budgets. It would be desirable for an ISP to be able to make appropriate quality of service guarantees to different customers purchasing virtual host services. However, conventional virtual host systems can provide only the same quality of service for all virtual hosts supported by the server. With existing virtual host systems, an ISP cannot provide one quality of service to the international financial services corporation of the example given above, and another to the local florist. The ISP either must provide each customer with the same quality of service, which is undesirable, or provide each customer with a separate physical host, which is inefficient and expensive for the ISP, as many customers do not require the resources of a dedicated host computer. What is needed is a virtual host system that provides appropriate quality of service guarantees for each virtual host.

Virtual host systems are being utilized today by ISP's and other providers of host services. As explained above, it would be desirable for existing ISP's providing virtual host systems to be able to provide appropriate quality of service guarantees to multiple virtual hosts. However, many such ISP's would not want to replace their existing virtual host system with one that could provide such guarantees, even if such a system were available. Upgrading a virtual host system is a time consuming and complicated process, often involving costly down time and high labor expenses. It would be desirable to have a system to allow existing users to provide appropriate quality of service guarantees to multiple virtual hosts, without having to upgrade or replace their existing virtual host systems.

SUMMARY OF INVENTION

The present invention allows providers of virtual host services to make appropriate quality of service guarantees to multiple virtual hosts. In one embodiment, the present invention executes as a virtual host quality of service application program on the same physical host computer as an existing virtual host server. The application program modifies the operating system of the host computer to include a quality of service table comprising appropriate quality of service parameters for all virtual hosts. Then, object code is inserted into the operating system. The object code comprises computer instructions to obtain quality of service parameters for a particular virtual host from the table, and to set the quality of service for the virtual host according to these parameters. Once the object code is inserted, system calls to the operating system pertaining to communications between one of the virtual hosts and a client are intercepted. The system calls are intercepted by replacing a pointer in an operating system function table with a pointer to the inserted object code, so that when a system call is made, the inserted object code is executed rather than the system call. The object code obtains quality of service parameters for the selected virtual host from the quality of service table, and the appropriate quality of service is guaranteed to the virtual host. Virtual host systems utilize child processes of a parent server application to manage communications between a virtual host and a client. Therefore, the inserted object code can guarantee the appropriate quality of service to the virtual host by setting the quality of service guarantees for the child process managing the communication between the virtual host and the client. After the quality of service guarantees are set, the communication between the virtual host and the client proceeds.

The present invention works for all types of virtual hosting systems, including both those that utilize the fork before accept method and those that utilize the fork after accept method. To set quality of service guarantees for a virtual host system utilizing the fork before accept method, system calls that establish a communication channel between a client and a select one of the virtual hosts are intercepted. These system calls are made by child processes of the server application. The present invention then guarantees quality of service appropriate for the virtual host to the child process that made the intercepted system call. Once the quality of service is guaranteed, the child process that made the system call manages the communication between the virtual host and the client.

Guaranteeing quality of service to virtual hosts of a system utilizing the fork after accept method is similarly facilitated. In a system utilizing the fork after accept method, a communication channel is established by the server application prior to generation of a child process to service a communication request. At the time a communication channel is established, it is unknown what child process will service that communication channel. Therefore, under these circumstances, the virtual host quality of service application program intercepts system calls, made by child processes, that transport data through already established communication channels. When such a system call is made, the virtual host quality of service program determines the virtual host to which the client is communicating via the channel. Appropriate quality of service is then guaranteed to the child process that made the intercepted system call. The child process then proceeds to manage communication between the virtual host and the client.

The present invention also guarantees appropriate quality of service to name-based virtual hosts. Clients make communication requests to name-based virtual hosts by passing a domain name to the virtual host server. The domain name is then stored in a communication buffer utilized for communications between the server and the client. The virtual host quality of service program intercepts system calls that transport data through communication channels. When such a system call is made, the communication buffer being used to transport data through the channel is parsed. By parsing the buffer, the domain name to which the client is communicating is isolated, and hence the virtual host associated with the communication is identified. Quality of service guarantees appropriate for the virtual host are then set for the child process that made the system call. That child process proceeds to manage the communication between the virtual host and the client.

In all of the above described embodiments, the present invention allows providers of virtual host services to make appropriate quality of service guarantees to multiple virtual hosts without upgrading or replacing existing virtual host systems.

In another embodiment, the present invention comprises a stand along virtual host system that sets appropriate quality of service guarantees for all virtual hosts. In such an embodiment, the present invention is in the form of a server application program. Unlike other embodiments of the present invention, in order to utilize this embodiment providers of virtual host services must upgrade their virtual host system.

In this embodiment, the virtual host server program stores in computer memory a table including appropriate quality of service guarantees. The server program then receives all client requests for communication with virtual hosts. When utilizing the fork after accept method, the server first receives a client request to communicate with a virtual host, and then creates a child process to manage communication between the virtual host and the client. Next, the server obtains the quality of service parameters associated with the virtual host, and guarantees, to the child process, the quality of service appropriate for the virtual host.

When utilizing the fork before accept method, the server first creates, a plurality of child processes to manage communication requests made to virtual hosts by clients. When the server receives a communication request made to a select one of the virtual hosts by a client, the server obtains the quality of service parameters associated with the virtual host, and guarantees the associated quality of service to the child process that will manage the communication.

As here summarized, the present invention makes appropriate quality of service guarantees to a plurality of virtual hosts comprising a single server application program. Of course, the present invention can also be utilized to make appropriate quality of service guarantees to a plurality of virtual processes of any nature comprising a single application program.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating a high level overview of a system for setting quality of service guarantees for virtual hosts in accordance with one embodiment of the present invention.

FIG. 2 is a block diagram illustrating a system for setting quality of service guarantees for virtual hosts of a virtual hosting system that utilizes a fork before accept method.

FIG. 3 is a block diagram illustrating a system for setting quality of service guarantees for virtual hosts of a virtual hosting system that utilizes a fork after accept method.

FIG. 4A, FIG. 4B, FIG. 4C, and FIG. 4D are block diagrams illustrating, in greater detail, select features depicted in FIG. 3. FIG. 4A illustrates pointers inserted into the operating system. FIG. 4B illustrates copies of pointers to operating system calls saved to computer memory. FIG. 4C illustrates the content of object code inserted into the operating system. FIG. 4D illustrates the content of association tables.

FIG. 5 is a block diagram illustrating a system for setting quality of service guarantees for virtual hosts of a name-based virtual hosting system according to one embodiment of the present invention.

FIG. 6A, FIG. 6B, and FIG. 6C are block diagrams illustrating, in greater detail, select features depicted in FIG. 5. FIG. 6A illustrates pointers inserted into the operating system. FIG. 6B illustrates copies of pointers to operating system calls saved to computer memory. FIG. 6C illustrates the content of object code inserted into the operating system.

FIG. 7 is a block diagram illustrating an embodiment in which the present invention comprises a stand alone virtual host system.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS System Overview

FIG. 1 presents a high level overview of a system for setting quality of service guarantees for virtual hosts in accordance with a preferred embodiment of the present invention. A single, physical host computer 101 contains computer memory 103, conventional processor(s), networking interfaces, and input/output devices (not shown). An operating system 105, a virtual host server application program 107, and a plurality of child processes 109 of the server application program 107 reside in the computer memory 103. For purposes of example, FIG. 1 illustrates three child processes 109 of the virtual host server application program 107: a first child process 109A, a second child process 109B, and a third child process 109C. It is to be understood that more or fewer child processes 109 can reside in the computer memory 103 as desired.

Client computers 111 send requests 113 to a plurality of virtual hosts 115 which are supported by the server 107. All such requests are received by the server application program 107 and are processed by the child processes 109. For purposes of example, FIG. 1 illustrates three client computers 111 (client computer 111A, client computer 111B, and client computer 111C), each making separate requests 113 to a separate virtual host 115. It is to be understood that more or fewer client computers 111 can make more or fewer requests 113 to more or fewer virtual hosts 115. It is to be understood that the clients 111 are typically remote from the server 107 and physical host computer 101.

A virtual host quality of service application program 117 executes in the computer memory 103 of the physical host computer 101. The virtual host quality of service application program 117 inserts a quality of service parameter table 119 and object code 121 into the operating system 105 in the computer memory 103. Additionally, the virtual host quality of service application program 117 inserts, into the interrupt vector table 123 of the operating system 105, a pointer 125 to the object code 121. The object code 121 reads the quality of service parameter table 119, and calls the quality of service manager 127 of the operating system 105 to set appropriate quality of service guarantees for the virtual hosts 115 serviced by the virtual host server application program 107. The virtual hosts 115 then transmit responses 129 to the client computers 111. The features and functionality depicted in FIG. 1 are described in detail below.

Providing Quality of Service Guarantees to Network Address-Based Virtual Host Systems

I. Virtual Host Systems Utilizing the Fork Before Accept Method

FIG. 2 illustrates a virtual host application program 117 for providing quality of service guarantees to virtual hosts 115 of a server program 107 that utilizes the fork before accept virtual hosting method. As explained previously, clients 111 make requests 113 to specific virtual hosts 115. In a network address-based system, a virtual host 115 is identified by a network address 201. In other words, clients 111 transmit communication requests 113 to individual network addresses 201. Multiple network addresses 201 are assigned to the single, physical host computer 101, and communication requests thereto are serviced by the virtual host server program 107.

A virtual host server 107 that utilizes the fork before accept virtual hosting method generates a plurality of child processes 109, each of which waits for an incoming communication request 113. When a child process 109 receives a request 113, the child process 109 establishes a communication channel between itself and the requesting client 111. The child process 109 proceeds to use the communication channel to service the request 113 that was made by the client 111 to the network address 201.

During the time that the child process 109 services the communication request 113 to the specific network address 201, it is desirable for the child process 109 to be guaranteed a specific quality of service according to parameters for the virtual host 115 with which the network address 201 is associated. For this reason, the present invention detects when a child process 109 is accepting a communication request 113, and sets quality of service guarantees for the child process 109 based on parameters for the network address 201 to which the request 113 is directed. When the child process 109 finishes a communication session initiated by a request 113 to a specific network address 201, the child process 109 closes the established communication channel and waits for another incoming request 113. The next request 113 the child process 109 receives may be directed to a different network address 201 and hence may require that different quality of service parameters be set for the child process 109. Therefore, the present invention detects when the child process 109 establishes a communication channel to service the new request 113 and proceeds to request appropriate quality of service guarantees for the target network address 201.

In the embodiment of the present invention depicted in FIG. 2, a virtual host quality of service application program 117 executes in the computer memory 103. The quality of service program 117 inserts a quality of service parameter table 119 into the operating system 105 of the host computer 101. The quality of service table 119 contains quality of service parameters for each network address 201 associated with one of the virtual hosts 115 serviced by the virtual host server 107. The quality of service program 117 utilizes techniques known in the art to insert the table 119 into the operating system 105. In a preferred embodiment, the present invention dynamically links a module to an operating system kernel, which the kernel is active. The module is preferably in the form of object code comprising an empty quality of service table 119, and subroutines to add, modify, and delete quality of service parameters for different virtual hosts. The quality of service application program 117 then calls the appropriate subroutine to add the quality of service parameters for the virtual hosts 115 serviced by the server program 107. The quality of service program 117 utilizes the subroutines to add, modify, and delete quality of service parameters as desired. In alternative embodiments, the module contains additional subroutines, or only a subset of the subroutines listed above. In one alternative embodiment, the table 119 is first filled with quality of service parameters and then linked to kernel as a module. In an alternative embodiment, the quality of service table 119 is stored outside of the operating system 105 in computer memory 103.

The quality of service program 117 also inserts object code 121 into the operating system 105. Preferably, the object code is dynamically linked to the operating system kernel as a module. The contents and execution of the object code 121 are discussed in detail below. In an alternative embodiment, the object code 121 resides outside of the operating system 105 in computer memory 103. The quality of service program 117 makes a copy 203 of an internal operating system pointer to the operating system function that is called to establish a communication channel. In an alternative embodiment, the copy 203 is made by a module linked to the operating system kernel. In the UNIX operating system, this function is the operating system accept function 205, as pictured in FIG. 2. The copy 203 of the pointer to the system accept function 205 is stored in conventional computer memory 103. In another embodiment, the copy 203 of the pointer is stored in the operating system 105.

It is to be understood that the name of the system function that is called to establish a communication channel can vary from operating system to operating system. The present invention is not limited to any specific operating system, or to any specific operating system function name. Furthermore, some operating systems include more than one function that establishes a communication channel. Embodiments of the present invention targeted for such operating systems create copies 203 of the pointers to all such operating system functions.

The pointer to the system accept function 205 is located in the operating system 105 interrupt vector table 123. It is to be understood that the term “interrupt vector table” as used herein denotes an area in operating system memory in which are stored the addresses of operating system functions (system calls). In the UNIX operating system, this part of the operating system is called the “interrupt vector table,” and that term is used in this specification. Other operating systems employ different terminology to denote the same system component. An interrupt vector table by any other name is still within the scope of the present invention.

The quality of service program 117 replaces the pointer to the system accept function 205 with a pointer 125 to the inserted object code 121, such that when the system accept function 205 is called, the inserted object code 121 is executed instead. In another embodiment, this pointer replacement is executed by a module linked to the operating system 105 kernel. Executing alternative code when a system call is made comprises intercepting the system call. The steps of inserting object code 121 into the operating system 105, making a copy 203 of an operating system pointer, and replacing the operating system pointer with a pointer 125 to the inserted object code facilitate interception of a system call.

When a call is made to the system accept function 205, the operating system 105 uses the pointer 125 in the interrupt vector table 123 to execute the object code 121. The object code 121 first utilizes the saved copy 203 of the pointer to the system accept function 205 to call the system accept function 205. The system accept function 205 executes, thereby establishing the communication channel. When the accept function 205 terminates, the object code 121 continues to execute. The object code 121 determines if the communication channel that was established is to one of the network addresses 201 associated with one of the virtual hosts 115 serviced by the server program 107. Preferably, this determination is made by reading an operating system variable 207 that identifies the network address 201 associated with the communication channel. In UNIX, this system variable 207 is called “local_name,” and is set by the accept function 205. In other operating systems the variable 207 is denoted by a different name. Alternative embodiments of the present invention utilize other methods to determine the network address 201 to which the communication channel was established, for example reading a return value of a system function, polling a system communication manager, or other similar mechanisms as desired.

Where the communication channel that was established is not to one of the network addresses 201 associated with one of the virtual hosts 115, the object code 121 simply exits. The channel will not be used for communication to a virtual host 115, and thus no quality of service guarantees need to be made by the present invention. Where the communication channel is to one of the network addresses 201 associated with one of the virtual hosts 115, the object code 121 requests, from the operating system 105, an appropriate quality of service guarantee for the process that called the system accept function 205.

To set the quality of service guarantees, the object code 121 reads the quality of service table 119, and locates the quality of service parameters for the virtual host 115 associated with the network address 201 to which the communication channel was established. The object code 121 then calls the operating system quality of service manager 127 to request an appropriate quality of service guarantee to the child process 109 that called the system accept function 205. The appropriate quality of service to guarantee is that specified by the quality of service parameters for the virtual host 115 to which the communication channel has been established. Once the quality of service guarantee has been requested, the object code 121 exits, and the child process 109 sends a response 129 to the client 111 via the established communication channel. Communication between the client 111 and the virtual host 115 proceeds over the communication channel. The communication is managed by the child process 109, which has been guaranteed appropriate quality of service.

II. Virtual Host Systems Utilizing the Fork After Accept Method

FIG. 3 illustrates a virtual host application program 117 for providing quality of service guarantees to virtual hosts 115 of a server program 107 that utilizes the fork after accept virtual hosting method. As explained previously, communication requests 113 to specific network addresses 201 are made by client computers 111 and are serviced by the virtual host server program 107. A virtual host server 107 that utilizes the fork after accept virtual hosting method accepts a communication request 113, establishes a communication channel between the client computer 111 and the network address 201, and then generates a child process 109. The child process 109 uses the communication channel created by the server 107 to service the request 113 that was made by the client 111 to the network address 201. During the time that the child process 109 services the communication request 113 to the specific network address 201, it is desirable for the child process 109 to be guaranteed quality of service according to parameters for the virtual host 115 with which the network address 201 is associated.

In the embodiment of the present invention depicted in FIG. 3, a virtual host quality of service program 117 executes in the computer memory 103. The quality of service program 117 inserts a quality of service parameter table 119 and object code 121 into the operating system 105 of the host computer 101, in the manner described above. As described above, preferably the object code is dynamically linked to the operating system kernel as a module. The contents and execution of the object code 121 are discussed in detail below.

The quality of service program 117 makes copies 203 of multiple internal operating system pointers to operating system functions. In an alternative embodiment, the copies 203 are made by a module linked to the operating system kernel. The present invention makes copies 203 of the pointers to the following operating system functions: system functions to establish a communication channel (for example, the UNIX accept function) 205, system functions to generate a child process (for example, the UNIX fork function) 301, system functions to copy a file or a file descriptor (for example, the UNIX dup and dup2 functions), and system functions to read data from a file (for example, the UNIX read function). The copies 203 of the pointers to the system functions are preferably stored in conventional computer memory 103. Alternatively, the copies 203 are stored in the operating system 105.

It is to be understood that the names of the relevant system functions can vary from operating system to operating system. The present invention is not limited to any specific operating system, or to any specific operating system function names. Furthermore, some operating systems include more than one function which performs the above described functionality. Embodiments of the present invention targeted for such operating systems create copies 203 of the pointers to the appropriate operating system functions. For purposes of example, this specification refers to the system accept function 205, the system fork function 301, the system dup function 303, and the system read function 305, as depicted in FIG. 3. It is to be understood that references to the system accept function 205 apply to all system functions to establish a communication channel, references to the system fork function 301 apply to all system functions to generate a child process, references to the system dup function 303 apply to all system functions to copy a file or to copy a file descriptor, and references to the system read function 305 apply to all system functions to read data from a file or to read data from a communication channel.

The pointers to the above listed system functions are located in the operating system 105 interrupt vector table 123. The quality of service program 117 replaces the pointers with pointers 125 to inserted object code 121, such that when a targeted system function is called, inserted object code 121 is executed instead. In an alternative embodiment, the replacement is executed by a module linked to the operating system kernel. The embodiment of the present invention depicted in FIG. 3 intercepts the system accept function 205, the system fork function 301, the system dump function 303 and the system read function 305.

When a call is made to an intercepted function 205, inserted object code 121 executes. This inserted object code 121 is called as a wrapper. For example, the accept wrapper is the inserted object code 121 that executes when the system accept function 205 is called. FIG. 4C illustrates the content of the inserted object code 121 in the embodiment of FIG. 3. The object code 121 contains an accept wrapper 417, a fork wrapper 419, a dup wrapper 421, and a read wrapper 423. FIG. 4A illustrates pointers 125 inserted into the interrupt vector table: a pointer 401 to the accept wrapper 417, a pointer 403 to the fork wrapper 419, a pointer 405 to the dup wrapper 421, and a pointer 407 to the read wrapper 423. FIG. 4B illustrates the copies 203 of pointers: a copy of the pointer 409 to the system accept function 205, a copy of the pointer 411 to the system fork function 301, a copy of the pointer 413 to the system dup function 303, a copy of the pointer 415 to the system read function 305.

Returning to FIG. 3, whenever a process establishes a communication channel, the accept wrapper 417 executes. The accept wrapper 417 first utilizes the saved copy of the pointer 409 to the system accept function 205 to call the system accept function 205. The system accept function 205 executes, thereby establishing the communication channel. When the accept function 205 terminates, the accept wrapper 417 continues to execute. The accept wrapper 417 determines if the communication channel that was established is to one of the network addresses 201 associated with one of the virtual hosts 115 serviced by the server program 107. As described above, this determination is preferably made by reading an operating system variable 207 that identifies the network address 201 associated with the communication channel.

Where the communication channel that was established is not to one of the network addresses 201 associated with one of the virtual hosts 115, the accept wrapper 417 exits. The channel will not be used for communication to a virtual host 115, and thus no quality of service guarantees need to be made by the present invention. Where the communication channel is to one of the network addresses 201 associated with one of the virtual hosts 115, the present invention requests an appropriate quality of service guarantee for the child process 109 that will manage the communication. Because the child process 109 has not yet been generated by the server application 107, the present invention stores select information in a set of association tables 307. The information stored will allow the present invention to later identify the child process 109 managing the communication, and set appropriate quality of service for that child process 109. Preferably, the association tables 307 reside in conventional computer memory 103. In alternative embodiments, the association tables are inserted into the operating system 105. FIG. 4D illustrates the content of one embodiment of the association tables 307. Preferably, there are three association tables: an application program-communication channel association table 425, an application program-child process association table 427, and a file descriptor-file descriptor copy association table 429.

Returning to FIG. 3, the accept wrapper 417 isolates an identifier of the process that established the communication channel. Preferably, the identifier comprises an operating system 105 assigned process identification (PID) of the process that called the accept function 205. The accept wrapper 417 also isolates an identifier of the communication channel itself. In UNIX, as well as in many other operating systems, a communication channel (socket) is identified by a file descriptor. Embodiments of the present invention targeted for such operating systems isolate the file descriptor associated with the communication channel. Other operating systems employ alternative mechanisms to identify a communication channel, and corresponding embodiments to the present invention isolate appropriate identifiers accordingly.

The present invention stores, in the application program-communication channel association table 425, the process identifier, the file descriptor (or alternatively other identifier) associated with the communication channel, and the network address 201 to which the communication channel was established. Thus, the application program-communication channel association table 425 contains, for each communication channel established to one of the network addresses 201 associated with one of the virtual hosts 115, a record that a specific process established a specific communication channel between a client 111 and a specific network address 201. Once these associations are stored, the accept wrapper 417 exits.

Recall that a virtual host server 107 that utilizes the fork after accept method will, after establishing a communication channel between a client 111 and a virtual host 115, generate a child process 109 to manage the communication. Whenever any application generates a child process 109, the fork wrapper 419 executes. The fork wrapper 419 first uses the copy of the pointer 403 to the system fork function 301 to call the system fork function 301. The system fork function 301 executes and generates a child process 109. When the system fork function 301 exits, the fork wrapper 419 continues to execute. The fork wrapper 419 stores, in the application program-child process association table 427, the process identification (or alternative identifier) for the application program that called the system fork function 301, as well as the process identification (or alternative identifier) for the generated child process 109. Thus, the application program-child process association table 427 contains associations between all application programs and all child processes 109 thereof.

Whenever any process copies a file, or a descriptor of a file, the dup wrapper 421 executes. The dup wrapper 421 utilizes the copy of the pointer 413 to the system dup function 303 to execute the system dup function 303. The system dup function 303 executes and creates a copy of a file (or a copy of a file descriptor). When the system dup function 303 exits, the dup wrapper 421 continues to execute. The dup wrapper 421 stores, in the file descriptor-file descriptor copy association table 429, the association between the file descriptor of the file copied by the system dup function 303 and the file descriptor of the copy thereof. Where only a file descriptor was copied by the system dup function 303, the dup wrapper 421 stores the association between the source file descriptor and the copy of the source file descriptor. Thus, for every copied file descriptor, the file descriptor-file descriptor copy association table 429 contains an association between the original file descriptor and the copy thereof.

Whenever a process calls the system read function 305, the read wrapper 423 executes. The read wrapper 423 checks the association tables 307 to determine whether the process that called the system read function 305 is a child process 109 of an application program that established a communication channel to a virtual host 115. To make this determination, the read wrapper 423 first checks the application program-child process association table 427 to determine if the process that called the system read function 305 is a child process 109 of another process. If the process that called the system read function 305 is a child process 109, the read wrapper 423 checks the application program-communication channel association table 425 to determine if the parent process established a communication channel to a network address 201 associated with one of the virtual hosts 115.

If the process that called the system read function 305 is a child process 109 of a parent process that established a communication channel to a virtual host 115, the read wrapper 423 determines if the child process 109 called the system read function 305 in order to read from the communication channel to the virtual host 115 established by the parent process. To make this determination, the read wrapper 423 compares the file descriptor that the system read function 305 was called to read from with the file descriptor, in the application program-communication channel association table 425, associated with the communication channel established by the parent process to the virtual host 115.

If the file descriptor of the read function 305 is not identical to the file descriptor associated with the communication channel, the read wrapper 423 checks the file descriptor-file descriptor copy association table 429 to determine whether the file descriptor is a copy of the file descriptor associated with the communication channel. Recall that the file descriptor-file descriptor copy association table 429 contains associations between all file descriptors and copies thereof. The read wrapper 423 examines the table to determine whether the file descriptor is a copy of another file descriptor, and if so whether the source file descriptor is the descriptor associated with the communication channel to the virtual host 115 established by the parent process.

If the file descriptor is the descriptor of the communication channel (or a copy thereof) the read wrapper 423 examines the application program communication channel association table 425 to determine to which network address 201 the communication channel was established by the server program 107.

If the process that called the system read function 305 is not a child process 109 of an application program that established a communication channel to a virtual host 115, or if the process is not reading from the communication channel to a virtual host 115 established by the parent process, the read wrapper 423 uses the copy of the pointer 415 to the system read function 305 to call the system read function 305, which proceeds to execute. If, on the other hand, the process that called the system read function 305 is a child process 109 of an application program that established a communication channel to a virtual host 115, and the process is reading from the communication channel to a virtual host 115 established by the parent process, the read wrapper 423 proceeds to set appropriate quality of service guarantees for the child process 109.

To set the quality of service guarantees, the read wrapper 423 reads the quality of service table 119, and locates the quality of service parameters for the virtual host 115 associated with the network address 201 to which the communication channel was established. The read wrapper 423 then calls the quality of service manager 127 to request an appropriate quality of service guarantee to the child process 109 that called the system read function 305. Once the quality of service guarantee has been requested, the read wrapper 423 utilizes the copy of the pointer 415 to the system read function 305 to call the system read function 305. The system read function 305 proceeds to read data from the communication channel. Then, the child process 109, which has been guaranteed appropriate quality of service, continues to manage communication between the client 111 and the virtual host 115 over the communication channel.

It is to be understood that in various embodiments of the present invention, the quality of service application program 117 intercepts not only the system read function 305, but other system functions that transport data through a communication channel. For example, different embodiments intercept a system write function, a system transport function, and other such functions as desired. The present invention includes in its scope intercepting any system function which transports data through a communication channel, and proceeding to set quality of service parameters for a child process in the manner detailed above in the description of intercepting the system read function 305.

Providing Quality of Service Guarantees to Name-Based Virtual Host Systems

FIG. 5 illustrates a virtual host application program 117 for providing quality of service guarantees to virtual hosts 115 of a name-based virtual hosting system. As explained previously, in a name-based system a virtual host 115 is identified not by a network address 201, but instead by a domain name 500. Thus, clients 111 transmit communication requests 113 to individual domain names 500. Multiple such domain names 500 are assigned to the single, physical host computer 101, and communication requests thereto are serviced by the virtual host server program 107.

In the embodiment of the present invention depicted in FIG. 5, a virtual host quality of service application program 117 executes in the computer memory 103 of the single, physical host computer 101. As in the embodiments of FIGS. 2 and 3, the quality of service program 117 inserts a quality of service parameter table 119 into the operating system 105 of the host computer 101. In the embodiment of FIG. 5, the quality of service table 119 contains quality of service parameters for each domain name 500 associated with one of the virtual hosts 115 serviced by the virtual host server 107. As in the embodiments of FIGS. 2 and 3, the quality of service program 117 also inserts object code 121 into the operating system 105. The nature of this object code 121 is explained in detail later in this specification. As in the embodiments of FIGS. 2 and 3, the quality of service table 119, the object code 121, or both are alternatively stored in conventional computer memory 103.

The quality of service program 117 makes copies 203 of multiple internal operating system pointers to operating system functions. The program 117 makes copies 203 of pointers to the following operating system functions: the system functions to read data from a file (for example, the UNIX read function) and the system functions to close a file (for example, the UNIX close function). The copies 203 of the pointers to the system functions are preferably stored in conventional computer memory 103. Alternatively, the copies 203 of the pointers are inserted into the operating system 105. As explained above, it is to be understood that alternative embodiments of the present invention create copies 203 of pointers to other operating system functions as desired.

The pointers to the above listed system functions are located in the operating system 105 interrupt vector table 123. The quality of service program 117 (or alternatively a module linked to the operating system kernel) replaces the pointers with pointers 125 to inserted object code 121, such that when a targeted system function is called, inserted object code 121 is executed instead. The embodiment of the present invention depicted in FIG. 5 intercepts the system read function 305, and the system close function.

When a call is made to an intercepted function 205, inserted object code 121 executes. As explained earlier in this specification, this inserted object code 121 is known as a wrapper. FIG. 6C illustrates the content of the inserted object code 121 in the embodiment of the present invention depicted in FIG. 5. The inserted object code contains a read wrapper 423 and a close wrapper 605. FIG. 6A illustrates the pointers 125 inserted into the interrupt vector table 123: a pointer 407 to the read wrapper 423 and a pointer 601 to the close wrapper 605. FIG. 6B illustrates the copies 203 of pointers: a copy of the pointer 415 to the system read function 305 and a copy of the pointer 603 to the system close function 507.

Returning to FIG. 5, whenever a process calls the system read function 305, the read wrapper 423 executes. The read wrapper 423 uses the copy of the pointer 415 to the system read function 305 to call the system read function 305. The system read function 305 executes and reads data from a file descriptor. When the system read function 305 terminates, the read wrapper 423 resumes execution. The read wrapper 423 proceeds to determine if appropriate quality of service has already been guaranteed for the process that called the system read function 305. To make this determination, the read wrapper 423 examines a plurality of read flags 501, which may be stored in conventional computer memory 103 or inserted into the operating system 105. Each read flag 501 contains an identifier of a process (preferably a PID), an identifier of a communication channel (preferably a file descriptor), and an indication (flag) of whether quality of service has been guaranteed to the identified process for servicing communication via the channel. The read wrapper 423 examines the read flags 501 to determine whether appropriate quality of service has already been set for the combination of the process that called the read function 423 and the file descriptor from which that process is attempting to read data. If quality of service has already been set, the read wrapper 423 simply exits. On the other hand, if quality of service has not been set, the read wrapper 423 determines if the process is servicing a virtual host 115.

To so determine, the read wrapper 423 parses a read buffer 503 returned by the system read function 305. The read buffer 503 contains the name 505 of the file (or file equivalent, such as communication channel) from which the system read function 305 read data. The read wrapper 423 isolates this name 505 and compares it to the domain names 500 of the virtual hosts 115. If the name 505 is not a domain name 500 of a virtual host 115, the read wrapper 423 exits. The system read function 305 was not called to read data across a communication channel between a client 111 and virtual host 115, so the read wrapper 423 need not set quality of service for the process that called the read function 305. However, if the name 505 from the read buffer 503 is the domain name 500 of a virtual host 115, the read wrapper 423 must set quality of service guarantees for the process that called the read function 305.

To set the quality of service guarantees, the read wrapper 423 reads the quality of service table 119, and locates the quality of service parameters for the virtual host 115 associated with the name 505 from the read buffer 503. The read wrapper 423 then calls the quality of service manager 127 to request an appropriate quality of service guarantee to the process 109 that called the system read function 305. The read wrapper 423 then exits. The process 109 which called the system read function 305, which has been guaranteed appropriate quality of service, continues to manage communication between the client 111 and the virtual host 15 over the communication channel. It is to be understood that, as explained above, various embodiments of the present invention intercept various system calls that perform identical or similar tasks.

Whenever a process calls the system close function 507, the close wrapper 605 executes. The close wrapper 605 uses the copy of the pointer 603 to the system close function 507 to call the system close function 507. The system close function 507 executes and closes the file. When the system close function 507 terminates, the close wrapper 605 resumes execution. The close wrapper 605 checks the plurality of read flags 501 for a flag concerning the combination of the process that called the close function 507 and the file descriptor of the file that the process is attempting to close. If there is no read flag 501 for the combination, the close wrapper 605 simply exits. The combination is not one pertaining to virtual host 115 communication, and the close wrapper 605 need not adjust the read flags 501. On the other hand, if a read flag 501 exists for the combination, the close wrapper 605 modifies it to indicate that quality of service has not been set for the combination. This is useful because the process that called the close function 507 may later utilize the same file descriptor to manage communication between a client 111 and a different virtual host 115, requiring a different quality of service guarantee. Thus, it is useful that the read flag 501 indicates quality of service is not set.

Providing Quality of Service Guarantees to Virtual Host Systems by a Stand Alone Server Application Program

FIG. 7 illustrates an embodiment in which the present invention comprises a stand alone virtual host system 700 that sets appropriate quality of service guarantees for the virtual hosts 115 which it services. In the embodiment of FIG. 7, the present invention is in the form of a server application program 107 executing in the computer memory 103 of a stand alone host computer 101. The server program 107 stores a quality of service table 119 in computer memory 103. The table 119 contains quality of service parameters for all of the virtual hosts 115 serviced by the system. All client 111 requests 113 for communication with virtual hosts 115 are received by the server program 107.

When utilizing the fork after accept method, the server program 107 first receives a client 111 request 113 to communicate with a virtual host 115 and then creates a child process 109 to manage communication between the virtual host 115 and the client 109. Next, the server program 107 obtains the quality of service parameters associated with the virtual host 115 from the quality of service table 119. The server application program 107 then calls the operating system quality of service manager 127 to request an appropriate quality of service guarantee for the child process 109. The child process 109 proceeds to manage the communication between the client 111 and the virtual host 115.

When utilizing the fork before accept method, the server program 107 first creates a plurality of child processes 109 to manage communication requests 113 made to virtual hosts 115 by clients 111. When the server program 107 receives a communication request 113 made to a select one of the virtual hosts 115 by a client 111, the server program 107 obtains the quality of service parameters associated with the virtual host 115 from the quality of service table 119. The server program 107 then calls the operating system quality of service manager 127 to request an appropriate quality of service guarantee for the child process 109. The child process 109 proceeds to manage the communication between the client 111 and the virtual host 115.

It is to be understood that the present invention is not limited to guaranteeing appropriate quality of service to a plurality of virtual hosts. The present invention can be utilized to make appropriate quality of service guarantees to a plurality of virtual processes of any nature.

Patent Citations
Cited PatentFiling datePublication dateApplicantTitle
US3377624Jan 7, 1966Apr 9, 1968IbmMemory protection system
US4177510Dec 2, 1974Dec 4, 1979Compagnie Internationale pour l'Informatique, CII Honeywell BullProtection of data in an information multiprocessing system by implementing a concept of rings to represent the different levels of privileges among processes
US5189667Jan 10, 1991Feb 23, 1993Kabushiki Kaisha ToshibaMethod and apparatus for controlling call processing based upon load conditions
US5212793Sep 4, 1991May 18, 1993International Business Machines Corp.Generic initiators
US5226160Jul 18, 1989Jul 6, 1993VisageMethod of and system for interactive video-audio-computer open architecture operation
US5249290Feb 22, 1991Sep 28, 1993At&T Bell LaboratoriesMethod of and apparatus for operating a client/server computer network
US5263147Mar 1, 1991Nov 16, 1993Hughes Training, Inc.System for providing high security for personal computers and workstations
US5325530Jan 29, 1993Jun 28, 1994International Business Machines CorporationController for sequential programming tools executed in a parallel computing environment
US5437032Aug 19, 1994Jul 25, 1995International Business Machines CorporationTask scheduler for a miltiprocessor system
US5528753Jun 30, 1994Jun 18, 1996International Business Machines CorporationSystem and method for enabling stripped object software monitoring in a computer system
US5572680Aug 20, 1993Nov 5, 1996Fujitsu LimitedMethod and apparatus for processing and transferring data to processor and/or respective virtual processor corresponding to destination logical processor number
US5584023Dec 27, 1993Dec 10, 1996Hsu; Mike S. C.Computer system including a transparent and secure file transform mechanism
US5603020Aug 24, 1994Feb 11, 1997Fujitsu LimitedMethod for detecting file names by informing the task of the identification of the directory antecedent to the file
US5623492Mar 24, 1995Apr 22, 1997U S West Technologies, Inc.Methods and systems for managing bandwidth resources in a fast packet switching network
US5636371Jun 7, 1995Jun 3, 1997Bull Hn Information Systems Inc.Virtual network mechanism to access well known port application programs running on a single host system
US5640595 *Jun 29, 1993Jun 17, 1997International Business Machines CorporationMultimedia resource reservation system with graphical interface for manual input of resource reservation value
US5692047Dec 8, 1995Nov 25, 1997Sun Microsystems, Inc.System and method for executing verifiable programs with facility for using non-verifiable programs from trusted sources
US5706097Sep 13, 1996Jan 6, 1998Eastman Kodak CompanyIndex print with a digital recording medium containing still images, motion sequences, and sound sequences
US5706453Feb 6, 1995Jan 6, 1998Cheng; Yang-LehIntelligent real-time graphic-object to database linking-actuator for enabling intuitive on-screen changes and control of system configuration
US5708774Jul 23, 1996Jan 13, 1998International Business Machines CorporationAutomated testing of software application interfaces, object methods and commands
US5719854Apr 5, 1996Feb 17, 1998Lucent Technologies Inc.Efficiently providing multiple grades of service with protection against overloads in shared resources
US5727203Mar 31, 1995Mar 10, 1998Sun Microsystems, Inc.Methods and apparatus for managing a database in a distributed object operating environment using persistent and transient cache
US5742772 *May 5, 1997Apr 21, 1998Lucent Technologies Inc.Resource management system for a broadband multipoint bridge
US5748614Jun 6, 1996May 5, 1998Siemens AktiengesellschaftMethod for scheduling message cells leaving an ATM node
US5752003Jul 14, 1995May 12, 19983 Com CorporationArchitecture for managing traffic in a virtual LAN environment
US5761477Dec 4, 1995Jun 2, 1998Microsoft CorporationMethods for safe and efficient implementations of virtual machines
US5764889Sep 26, 1996Jun 9, 1998International Business Machines CorporationMethod and apparatus for creating a security environment for a user task in a client/server system
US5781550Feb 2, 1996Jul 14, 1998Digital Equipment CorporationTransparent and secure network gateway
US5799173May 21, 1997Aug 25, 1998International Business Machines CorporationDynamic workload balancing
US5809527Dec 23, 1993Sep 15, 1998Unisys CorporationOutboard file cache system
US5828893Aug 21, 1995Oct 27, 1998Motorola, Inc.System and method of communicating between trusted and untrusted computer systems
US5838686Apr 22, 1994Nov 17, 1998Thomson Consumer Electronics, Inc.System for dynamically allocating a scarce resource
US5838916Mar 14, 1997Nov 17, 1998Domenikos; Steven D.Systems and methods for executing application programs from a memory device linked to a server
US5842002May 30, 1997Nov 24, 1998Quantum Leap Innovations, Inc.Computer virus trap
US5845129Mar 22, 1996Dec 1, 1998Philips Electronics North America CorporationProtection domains in a single address space
US5850399Mar 27, 1998Dec 15, 1998Ascend Communications, Inc.Hierarchical packet scheduling method and apparatus
US5860004Jul 3, 1996Jan 12, 1999Sun Microsystems, Inc.Code generator for applications in distributed object systems
US5864683Oct 12, 1994Jan 26, 1999Secure Computing CorporartionSystem for providing secure internetwork by connecting type enforcing secure computers to external network for limiting access to data based on user and process access rights
US5889956Jul 18, 1996Mar 30, 1999Fujitsu LimitedHierarchical resource management with maximum allowable allocation boundaries
US5889996Dec 16, 1996Mar 30, 1999Novell Inc.Accelerator for interpretive environments
US5892968Oct 15, 1996Apr 6, 1999Hitachi, Ltd.Multimedia data transferring method
US5905730Mar 27, 1998May 18, 1999Ascend Communications, Inc.High speed packet scheduling method and apparatus
US5905859Jan 9, 1997May 18, 1999International Business Machines CorporationManaged network device security method and apparatus
US5913024Feb 9, 1996Jun 15, 1999Secure Computing CorporationSecure server utilizing separate protocol stacks
US5915085Feb 28, 1997Jun 22, 1999International Business Machines CorporationMultiple resource or security contexts in a multithreaded application
US5915095Aug 8, 1995Jun 22, 1999Ncr CorporationMethod and apparatus for balancing processing requests among a plurality of servers based on measurable characteristics off network node and common application
US5918018Feb 9, 1996Jun 29, 1999Secure Computing CorporationSystem and method for achieving network separation
US5920699Nov 7, 1996Jul 6, 1999Hewlett-Packard CompanyBroadcast isolation and level 3 network switch
US5933603Jun 10, 1996Aug 3, 1999Emc CorporationVideo file server maintaining sliding windows of a video data set in random access memories of stream server computers for immediate video-on-demand service beginning at any specified location
US5937159Mar 28, 1997Aug 10, 1999Data General CorporationSecure computer system
US5944795 *Jul 12, 1996Aug 31, 1999At&T Corp.Client-server architecture using internet and guaranteed quality of service networks for accessing distributed media sources
US5956481Feb 6, 1997Sep 21, 1999Microsoft CorporationMethod and apparatus for protecting data files on a computer from virus infection
US5961582Oct 25, 1994Oct 5, 1999Acorn Technologies, Inc.Distributed and portable execution environment
US5978373Jul 11, 1997Nov 2, 1999Ag Communication Systems CorporationWide area network system providing secure transmission
US5982748Oct 3, 1996Nov 9, 1999Nortel Networks CorporationMethod and apparatus for controlling admission of connection requests
US5987524Sep 30, 1997Nov 16, 1999Fujitsu LimitedLocal area network system and router unit
US5991812Mar 6, 1997Nov 23, 1999Controlnet, Inc.Methods and apparatus for fair queuing over a network
US5999963 *Nov 7, 1997Dec 7, 1999Lucent Technologies, Inc.Move-to-rear list scheduling
US6016318Jul 14, 1997Jan 18, 2000Nec CorporationVirtual private network system over public mobile data network and virtual LAN
US6018527Aug 13, 1996Jan 25, 2000Nortel Networks CorporationQueue service interval based cell scheduler with hierarchical queuing configurations
US6023721May 14, 1997Feb 8, 2000Citrix Systems, Inc.Method and system for allowing a single-user application executing in a multi-user environment to create objects having both user-global and system global visibility
US6038608Nov 25, 1997Mar 14, 2000Nec CorporationVirtual LAN system
US6047325Aug 24, 1998Apr 4, 2000Jain; LalitNetwork device for supporting construction of virtual local area networks on arbitrary local and wide area computer networks
US6055617Aug 29, 1997Apr 25, 2000Sequent Computer Systems, Inc.Virtual address window for accessing physical memory in a computer system
US6061349May 2, 1997May 9, 2000Cisco Technology, Inc.System and method for implementing multiple IP addresses on multiple ports
US6065118Sep 24, 1996May 16, 2000Citrix Systems, Inc.Mobile code isolation cage
US6075791Oct 28, 1997Jun 13, 2000Lucent Technologies Inc.System for guaranteeing data transfer rates and delays in packet networks
US6075938Jun 10, 1998Jun 13, 2000The Board Of Trustees Of The Leland Stanford Junior UniversityVirtual machine monitors for scalable multiprocessors
US6078929Jun 6, 1997Jun 20, 2000At&TInternet file system
US6078957Nov 20, 1998Jun 20, 2000Network Alchemy, Inc.Method and apparatus for a TCP/IP load balancing and failover process in an internet protocol (IP) network clustering system
US6086623 *Jun 30, 1997Jul 11, 2000Sun Microsystems, Inc.Method and implementation for intercepting and processing system calls in programmed digital computer to emulate retrograde operating system
US6092178Sep 3, 1998Jul 18, 2000Sun Microsystems, Inc.System for responding to a resource request
US6094674 *Jun 29, 1998Jul 25, 2000Hitachi, Ltd.Information processing system and information processing method and quality of service supplying method for use with the system
US6101543Oct 25, 1996Aug 8, 2000Digital Equipment CorporationPseudo network adapter for frame capture, encapsulation and encryption
US6108701Jul 20, 1998Aug 22, 2000Lucent Technologies, Inc.Soft switch extension for internet protocol applications
US6108759Sep 17, 1997Aug 22, 2000Powerquest CorporationManipulation of partitions holding advanced file systems
US6122673Jul 22, 1998Sep 19, 2000Fore Systems, Inc.Port scheduler and method for scheduling service providing guarantees, hierarchical rate limiting with/without overbooking capability
US6154776Mar 20, 1998Nov 28, 2000Sun Microsystems, Inc.Quality of service allocation on a network
US6154778May 19, 1998Nov 28, 2000Hewlett-Packard CompanyUtility-based multi-category quality-of-service negotiation in distributed systems
US6161139Feb 12, 1999Dec 12, 2000Encommerce, Inc.Administrative roles that govern access to administrative functions
US6167520Jan 29, 1997Dec 26, 2000Finjan Software, Inc.System and method for protecting a client during runtime from hostile downloadables
US6172981Oct 30, 1997Jan 9, 2001International Business Machines CorporationMethod and system for distributing network routing functions to local area network stations
US6189046Mar 27, 1997Feb 13, 2001Hewlett-Packard CompanyMechanism and method for merging cached location information in a distributed object environment
US6192389 *Mar 28, 1997Feb 20, 2001International Business Machines CorporationMethod and apparatus for transferring file descriptors in a multiprocess, multithreaded client/server system
US6192512Sep 24, 1998Feb 20, 2001International Business Machines CorporationInterpreter with virtualized interface
US6230203Mar 14, 1997May 8, 2001Scientific-Atlanta, Inc.System and method for providing statistics for flexible billing in a cable environment
US6240463 *Nov 24, 1998May 29, 2001Lucent Technologies Inc.Router placement methods and apparatus for designing IP networks with performance guarantees
US6247057Oct 22, 1998Jun 12, 2001Microsoft CorporationNetwork server supporting multiple instance of services to operate concurrently by having endpoint mapping subsystem for mapping virtual network names to virtual endpoint IDs
US6259699Dec 30, 1997Jul 10, 2001Nexabit Networks, LlcSystem architecture for and method of processing packets and/or cells in a common switch
US6266678Dec 31, 1998Jul 24, 2001Computer Associates Think, Inc.System and method for dynamically viewing contents of a data file
US6269404Jan 5, 1999Jul 31, 20013Com CorporationVirtual network architecture for connectionless LAN backbone
US6279039Apr 3, 1996Aug 21, 2001Ncr CorporationResource management method and apparatus for maximizing multimedia performance of open systems
US6279040 *Apr 27, 1999Aug 21, 2001Industrial Technology Research InstituteScalable architecture for media-on demand servers
US6282581 *Mar 27, 1997Aug 28, 2001Hewlett-Packard CompanyMechanism for resource allocation and for dispatching incoming calls in a distributed object environment
US6282703Oct 29, 1998Aug 28, 2001International Business Machines CorporationStatically linking an application process with a wrapper library
US6286047Sep 10, 1998Sep 4, 2001Hewlett-Packard CompanyMethod and system for automatic discovery of network services
US6298479May 29, 1998Oct 2, 2001Sun Microsystems, Inc.Method and system for compiling and linking source files
US6308216 *Nov 14, 1997Oct 23, 2001International Business Machines CorporationService request routing using quality-of-service data and network resource information
US6308609 *Dec 8, 1998Oct 30, 2001Robert Bruce DaviesSuppressor
US6314558Feb 16, 1999Nov 6, 2001Compuware CorporationByte code instrumentation
US6327622Sep 3, 1998Dec 4, 2001Sun Microsystems, Inc.Load balancing in a network environment
US6336138Aug 25, 1998Jan 1, 2002Hewlett-Packard CompanyTemplate-driven approach for generating models on network services
US6351775May 30, 1997Feb 26, 2002International Business Machines CorporationLoading balancing across servers in a computer network
US6353616Dec 28, 1998Mar 5, 2002Lucent Technologies Inc.Adaptive processor schedulor and method for reservation protocol message processing
US6363053Feb 8, 1999Mar 26, 20023Com CorporationMethod and apparatus for measurement-based conformance testing of service level agreements in networks
US6370583 *Aug 17, 1998Apr 9, 2002Compaq Information Technologies Group, L.P.Method and apparatus for portraying a cluster of computer systems as having a single internet protocol image
US6381228Jan 15, 1999Apr 30, 2002Trw Inc.Onboard control of demand assigned multiple access protocol for satellite ATM networks
US6385638 *Sep 4, 1997May 7, 2002Equator Technologies, Inc.Processor resource distributor and method
US6389448May 5, 2000May 14, 2002Warp Solutions, Inc.System and method for load balancing
US6393484Apr 12, 1999May 21, 2002International Business Machines Corp.System and method for controlled access to shared-medium public and semi-public internet protocol (IP) networks
US6425003Jan 22, 1999Jul 23, 2002Cisco Technology, Inc.Method and apparatus for DNS resolution
US6430622Sep 22, 1999Aug 6, 2002International Business Machines CorporationMethods, systems and computer program products for automated movement of IP addresses within a cluster
US6434631 *Oct 15, 1999Aug 13, 2002Lucent Technologies Inc.Method and system for providing computer storage access with quality of service guarantees
US6434742May 10, 1999Aug 13, 2002Lucent Technologies Inc.Symbol for automatically renaming symbols in files during the compiling of the files
US6449647 *Sep 21, 1999Sep 10, 2002Cisco Systems, Inc.Content-aware switching of network packets
US6463454 *Jun 17, 1999Oct 8, 2002International Business Machines CorporationSystem and method for integrated load distribution and resource management on internet environment
US6466985 *Apr 9, 1999Oct 15, 2002At&T Corp.Method and apparatus for providing quality of service using the internet protocol
US6487578 *Sep 29, 1997Nov 26, 2002Intel CorporationDynamic feedback costing to enable adaptive control of resource utilization
US6647422 *Nov 10, 1998Nov 11, 2003Network Engineering Technologies, Inc.Web server employing multi-homed, modular framework
US6725456 *Nov 29, 1999Apr 20, 2004Lucent Technologies Inc.Methods and apparatus for ensuring quality of service in an operating system
US6760775 *Mar 6, 2000Jul 6, 2004At&T Corp.System, method and apparatus for network service load and reliability management
US6968389 *Jul 17, 2001Nov 22, 2005Cisco Technology, Inc.System and method for qualifying requests in a network
US6981029 *Jul 17, 2001Dec 27, 2005Cisco Technology, Inc.System and method for processing a request for information in a network
Non-Patent Citations
Reference
1Aho, A. V. and Allman J. D., Principles of Complier Design, Reading, MA, 1977 pp. vii-x, 359-362, 519-522.
2Bach, M. J., The Design of the Unix® Operating System, New Dehli, Prentice-Hall of India, 1989, pp. v-x, 19-37.
3Bhatti, N.; Friedrich, R. "Web server support for tiered services." Network, IEEE, vol. 13, Issue 5, pp. 64-71, Sep./Oct. 1999.
4Boehm, B., "Managing Software Productivity and Reuse," IEEE Computer, vol. 32, No. 9, Sep. 1999, 3 pages.
5Campbell, A. T. and Keshav, S., "Quality of Service in Distributed Systems," Computer Communications 21, 1998, pp. 291-293.
6Corbato, F. J. et al., "An Experimental Timesharing System," Proceedings of the American Federation Of Information Processing Societies Spring Joint Computer Conference, San Francisco, CA, May 1-3, 1962, pp. 335-344.
7Duetsch, P. and Grant, C.A., "A Flexible Measurement Tool for Software Systems," Information Processing (Proc. of the IFIP Congress), 1971, pp. 320-326.
8Duffield, N.G., et al., "A Flexible Model for Resource Management in Virtual Private Networks," Computer Communication Review Conference, Computer Communication, ACM SIGCOMM '99 Conference, Cambridge, MA, Aug. 30, 1999-Sep. 3, 1999, pp. 95-108.
9Edjlali, G. et al., "History-based Access Control for Mobile Code," Fifth ACM Conference on Computer and Communication Security, Nov. 3-5, 1998, 19 pages.
10Egevang, K. and Francis P., RFC 1631, May 1994 [online], [retrieved Feb. 2, 2000], Retrieved from the Internet: <.faqs.org/rfcs/rfc1631.html> 8 pages.
11Egevang, K. and Francis P., RFC 1631, May 1994 [online], [retrieved Feb. 2, 2000], Retrieved from the Internet: 8 pages.
12Erlington, U. and Schneider, F. B., "SASI Enforcement of Security Policies: A Retrospective," Proc. New Security Paradigms Workshop, Apr. 2, 1999, pp. 1-17.
13Evans, D. and Twyman, A., "Flexible Policy-Directed Code Safety," Proc. of 1999 IEEE Symposium on Security and Privacy, Oakland, CA, May 9-12, 1999, pp. 1-14.
14Fraser, T. et al., "Hardening COTS Software with Generic Software Wrappers," Proc. of 1999 IEEE Symposium on Security and Privacy, 1999, 15 pages.
15Goldberg, I. et al., "A Secure Environment For Untrusted Helper Applications (Confining the Wily Hacker)," Proc. of the Sixth USENIX UNIX Security Symposium, San Jose, CA, Jul. 1996, 14 pages.
16Goldberg, R. P., "Survey of Virtual Machine Research," IEEE Commuter, Jun. 1974, pp. 34-35.
17Goyal, P. et al., "Start-time Fair Queuing: A Scheduling Algorithm for Integrated Services Packet Switching Networks." Proceedings of ACM SIGCOMM '96, San Francisco, Ca, Aug. 1996, 14 pages.
18Goyal, P., "Packet Scheduling Algorithms for Integrated Services Networks," PhD Dissertation, University of Texas, Austin, TX, Aug. 1997, pp. 1-209.
19Goyal, P., "Packet Scheduling Algorithms for Integrated Services Networks," PhD Dissertation, University of Texas, Austin, TX, Aug. 1997.
20Goyal, P., et al., "A Hierarchical CPU Scheduler for Multimedia Operating Systems," Proceedings of the Second Symposium on Operating Systems Design and Implementation (OSDI'96), Seattle, WA, Oct. 1996, 15 pages.
21Huang, X. W. et al., "The Entrapid Protocol Development ENvironment," Proceedings of IEEE Infocom '99, Mar. 1999, nine pages.
22Jánosi, T., "Notes on 'A Hierarchical CPU Scheduler for Multimedia Operating Systems' by Pawan Goyal, Xingang Guo and Harrick Vin," [online], [retrieved on May 8, 2000]. Retrieved from the internet: .
23Janosi, T., "Notes on 'A Hierarchical CPU Scheduler for Multimedia Operating Systems' by Pawan Goyal, Xingang Guo and Harrick Vin," [online], [retrieved on May 8, 2000]. Retrieved from the internet: 3 pages.
24Janosi, T., "Notes on ‘A Hierarchical CPU Scheduler for Multimedia Operating Systems’ by Pawan Goyal, Xingang Guo and Harrick Vin," [online], [retrieved on May 8, 2000]. Retrieved from the internet: </cs.cornell.edu/Info/Courses/Spring-97/CS614/goy.html> 3 pages.
25Jánosi, T., "Notes on ‘A Hierarchical CPU Scheduler for Multimedia Operating Systems’ by Pawan Goyal, Xingang Guo and Harrick Vin," [online], [retrieved on May 8, 2000]. Retrieved from the internet: <URL: http://cs.cornell.edu/Info/Courses/Spring-97/CS614/goy.html>.
26Jonsson, J., "Exploring the Importance of Preprocessing Operations in Real-Time Multiprocessor Scheduling," Proc. of the IEEE Real-Time Systems Symposium-Work-in-Progress session, San Francisco, CA, Dec. 4, 1997, pp. 31-34.
27Jonsson, J., "Exploring the Importance of Preprocessing Operations in Real-Time Multiprocessor Scheduling," Proc. of the IEEE Real-Time Systems Symposium—Work-in-Progress session, San Francisco, CA, Dec. 4, 1997, pp. 31-34.
28Keshav, S., An Engineering Approach to Computer Networking: ATM Networks, the Internet, and the Telephone Network, Reading, MA, Addison-Wesley, 1997, pp. vii-xi, 85-115, 209-355, 395-444.
29Laurie, B. and Laurie, P., Apache The Definitive Guide, Sebastopol, CA, O'Reilly & Asssociates, Inc., Feb. 1999, pp. v-vii, 43-74.
30Mallory, T. and Kullberg, A., RFC 1141, Jan. 1990 [online], [retrieved Feb. 2, 2000], Retrieved from the Internet: <.faqs.org/rfcs/rfc1141.html> 2 pages.
31Mallory, T. and Kullberg, A., RFC 1141, Jan. 1990 [online], [retrieved Feb. 2, 2000], Retrieved from the Internet: 2 pages.
32McDougall, R., et al., Resource Management, Upper Saddle River, NJ, Prentice-Hall, 1999, pp. iii-xix, 135-191.
33Mitra, Debasis et al., "Hierarchical Virtual Partitioning: Algorithms for Virtual Private Networking," Bell Labs Technical Journal, Spring 1997, [online], Retrieved from the internet: 8 pages.
34Mitra, Debasis et al., "Hierarchical Virtual Partitioning: Algorithms for Virtual Private Networking," Bell Labs Technical Journal, Spring 1997, [online], Retrieved from the internet:</cm.bell-labs.com/cm/ms/who/mitra/papers/globe.ps> 8 pages.
35Pandey, R. and Hashii, B., "Providing Fine-Grained Access Control For Mobile Programs Through Binary Editing," Technical Report TR98 08, University of California, Davis, CA, 1998, pp. 1-22.
36Plummer, D.C., An Ethernet Address Resolution Protocol—or—Converting Network Protocol Addresses to 48.bit Ethernet Address for Transmission on Ethernet Hardware, Nov. 1982, [online], [retrieved on Jan. 17, 2000], Retrieved from the Internet: <.msg.net/kadow/answers/extras/rfc/rfc826.txt> pp. 1-8.
37Plummer, D.C., An Ethernet Address Resolution Protocol-or-Converting Network Protocol Addresses to 48.bit Ethernet Address for Transmission on Ethernet Hardware, Nov. 1982, [online], [retrieved on Jan. 17, 2000], Retrieved from the Internet: pp. 1-8.
38Rijsinghani, A., RFC 1624, May 1994, [online], [retrieved Feb. 2, 2000], Retrieved from the Internet: <.faqs.org/rfcs/rfc1624.html> pp. 1-5.
39Rijsinghani, A., RFC 1624, May 1994, [online], [retrieved Feb. 2, 2000], Retrieved from the Internet: pp. 1-5.
40Ritchie, D. M., "The Evolution of the Unix Time-Sharing System," AT&T Bell Laboratories Technical Journal 63, No. 6, Part 2, Oct. 1984, (originally presented 1979), 11 pages.
41Rubini, A., LINUX Device Drivers, Sebastopol, CA, O'Reilly & Associates, Inc., 1998, pp. v-x, 13-40.
42Rusling, D. A., Scheduling, [online], [retrieved on Dec. 7, 1999]. Retrieved from the Internet: <.cebaf.gov/˜saw/linux/tlk-html/node47.html> 1 page.
43Rusling, D. A., Scheduling, [online], [retrieved on Dec. 7, 1999]. Retrieved from the Internet: 1 page.
44Rusling, D.A. Scheduling in Multiprocessor Systems, [online], [retrieved on Dec. 7, 1999]. Retrieved from the Internet: <.cebaf.gov/˜saw/linux/tlk-html/node48.html> 1 pp.
45Rusling, D.A. Scheduling in Multiprocessor Systems, [online], [retrieved on Dec. 7, 1999]. Retrieved from the Internet: 1 pp.
46Rusling, D.A., Files, [online], [retrieved on Dec. 7, 1999]. Retrieved from the Internet: <.cebaf.gov/˜saw/linux/tlk-html/node49.html> 2 pages.
47Rusling, D.A., Files, [online], [retrieved on Dec. 7, 1999]. Retrieved from the Internet: 2 pages.
48Rusling, D.A., Identifiers, [online], [retrieved on Dec. 7, 1999]. Retrieved from the Internet: <.cebaf.gov/˜saw/linux/tlk-html/node46.html> 1 page.
49Rusling, D.A., Identifiers, [online], [retrieved on Dec. 7, 1999]. Retrieved from the Internet: 1 page.
50Rusling, D.A., Linux Processes, [online], [retrieved on Dec. 7, 1999]. Retrieved from the Internet: <.cebaf.gov/˜saw/linux/tlk-html/node45.html> 2 pages.
51Rusling, D.A., Linux Processes, [online], [retrieved on Dec. 7, 1999]. Retrieved from the Internet: 2 pages.
52Rusling, D.A., Processes, [online], [retrieved on Dec. 7, 1999]. Retrieved from the Internet: <cebaf.gov/˜saw/linux/tlk-html/node44.html> 2 pages.
53Rusling, D.A., Processes, [online], [retrieved on Dec. 7, 1999]. Retrieved from the Internet: 2 pages.
54Saltzer, J., H. and Schroeder, M. D., The Protection of Information in Computer Systems, [online], 1973, [retrieved on Apr. 2, 2002]. Retrieved from the Internet: .
55Saltzer, J., H. and Schroeder, M. D., The Protection of Information in Computer Systems, [online], 1973, [retrieved on Apr. 2, 2002]. Retrieved from the Internet: <URL: http://www.cs.virginia.edu˜evans/cs551/saltzer/.html>.
56Saltzer, J.H. and Schroeder, M. D., The Protection of Informaiton in Computer Systems, 1973, [online], [retrieved on Apr. 2, 2002]. Retrieved from the Internet: <cs.virginia.edu˜evans/cs551/saltzer/.html> 75 pages.
57Saltzer, J.H. and Schroeder, M. D., The Protection of Informaiton in Computer Systems, 1973, [online], [retrieved on Apr. 2, 2002]. Retrieved from the Internet: 75 pages.
58Stevens, R. W., UNIX Network Programming vol. 1 Networking APIs: Sockets and XTI, Upper Saddle River, NJ, Prentice Hall, 1998, pp. v-xiv, 29-53, 85-110, 727-760.
59Symbol Table, 1998,[online], [retrieved on Apr. 4, 2003], Retrieved on Apr. 4, 2003] Retrieved from the internet: 216.239.33.100/search?q=cache:eASXk8qC_-AC:www.caldera.com/developers/gabi/1998-04-29/ch4.s..., pp. 1-5.
60Tanenbaum, A. S. and Woodhull, A. S., Operating Systems: Design and Implementation, Upper Saddle River, NJ, Prentice Hall, 1997, pp. vii-xiv, 1-46, 401-454.
61Wahbe, R., et al., "Efficient Software-Based Fault Isolation," Proc. of the Symposium on Operating System Principles, 1993, 14 pages.
Classifications
U.S. Classification718/104, 718/1, 718/100, 709/203, 709/201, 718/102, 709/226, 709/219
International ClassificationG06F9/455, G06F9/46, G06F15/173, G06F15/16, G06F15/00
Cooperative ClassificationH04L67/322, G06F9/54, H04L61/1505, G06F9/5055, Y02B60/142, H04L29/12056
European ClassificationG06F9/50A6S, H04L29/12A2A, G06F9/54, H04L29/08N31Q, H04L61/15A
Legal Events
DateCodeEventDescription
Mar 18, 2013FPAYFee payment
Year of fee payment: 8
Aug 9, 2011CCCertificate of correction